Hi
As you may know, Cisco has a capability to combine PBR with IPSLA. This is supported on IOS and IOS XR. Now I am trying to simulate same scenario on JunOS 19.1 using Juniper vLABs.
First I configured following FBF:
set firewall filter PBR term 1 from source-address 10.100.100.5/32
set firewall filter PBR term 1 from destination-address 10.100.100.6/32
set firewall filter PBR term 1 then next-ip 10.100.13.2/32
set firewall filter PBR term 100 then accept
Then I applied this FBF on input interface:
set interfaces ge-0/0/3 unit 0 family inet filter input PBR
set interfaces ge-0/0/3 unit 0 family inet address 10.100.15.1/24
The configuration worked fine. Now I want to add some intelligence to this configuration, so I created following Probe on the router:
set services rpm probe root test TCP probe-type tcp-ping
set services rpm probe root test TCP target address 10.100.100.4
set services rpm probe root test TCP probe-count 3
set services rpm probe root test TCP probe-interval 2
set services rpm probe root test TCP test-interval 2
set services rpm probe root test TCP destination-port 65535
set services rpm probe root test TCP thresholds successive-loss 3
set services rpm probe root test TCP thresholds total-loss 3
And because of this config I enabled probe-server on 10.100.100.4.
The probe works fine as well and I got successful result.
Now I want to combine my FBF configuration with this probe, so each time the probe was failed the PBR will be disabled.
Unfortunately, I could not find any configuration example for this. Is this even supported on JunOS? If answer is positive then How?
Thank you in advanced,
Alireza
#FBFPBR